- This topic has 13 replies, 2 voices, and was last updated 2 years, 8 months ago by
.
-
Posts
-
Hi dear Vadim, when I start instalation wiresock-vpn-client-x64-1.1.2.1.msi on Windows7 x64 (SP1 with all updates) I get the error bellow:
Can you help me with sollution please.
Hi,
Sorry, this is my fault, I had not tested the installer on Windows 7. I’ve just updated the installer, please re-download and try to install.
-Vadim
Vadim, good evening, thanks for your fast response.
The program has been successfully installed, but, after the start of the WireSock service, the handshake does not occur, and the following error is recorded to a log file screenshot bellow:
WireGuard and Dante servers are on the same VPS (Debian 10) with the one IP address.
Dante (SOCKS5 proxy) server, configured according by your instructions. I checked on the client computer: by writing the address of my proxy in the browser settings, browser traffic is redirected through the proxy server correctly.
I can’t find where the problem could be, or may be win7 unable to work correctly by redirecting udp traffic via socks5?
Good evening, Dziadek!
I think the problem is with Dante server:
[SOCKS5]: associate_to_socks5_proxy: Failed to receive socks5_ident_resp:: 10054Error code 10054 (WSAECONNRESET) means that connection was reset by the remote peer (Dante). How have you configured the Dante server? According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?
Vadim, good evening,
How have you configured the Dante server?
Dante (SOCKS5 proxy) server, configured according instructions:
logoutput: /var/log/socks.log
internal: eth0 port = 1080
external: eth0
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobodyclient pass {
from: [CLIENT EXT IP]/32 to: 0.0.0.0/0
log: error connect disconnect
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
udp.portrange: 40000-45000
#command: udpassociate
log: error connect disconnect
}
socks block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?
Temporarily for testing Dante server does not use username/password authentication, I limited access by only an IP address.
I checked the availability of the server by setting the browser socks5 proxy settings on the client machine, and browser traffic is redirected through the this socos5 server correctly.
Hmm, a little confusing. However, when you start the application specifying debug level “all” it also creates PCAP files with traffic captures. Could you please share the wiresock_ext.pcap? It should contain something like on the screenshot below:
Vadim, bellow link to pcap files:
Well, Dante resets the connection immediately after processing the packet with authentication methods:
This is confusing if your browser connects fine… Could you please double-check if [CLIENT EXT IP]/32 in Dante configuration file matches your external IP? It behaves like you have a wrong IP address there.
You could try to change it to 0.0.0.0/0, restart Dante and check if it helps. For the security reasons, you could consider enabling username/password authentication.
Vadim, I turned off the Dante server filtering by IP, but still the error remained.
Dante logs at the time of the error give the below entries:Feb 15 07:29:54 (1644892194.992458) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].46837 [SERVER EXT IP].1080
Feb 15 07:29:55 (1644892195.080458) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].46837 [SERVER EXT IP].1080: error after reading 4 bytes in 0 seconds: Connection reset by peer
Feb 15 07:33:52 (1644892432.568395) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].23938 [SERVER EXT IP].1080
Feb 15 07:33:52 (1644892432.662061) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].23938 [SERVER EXT IP].1080: error after reading 4 bytes in 1 second: Connection reset by peerIt looks like something is preventing UDP traffic from passing through Dante
It’s really weird. It looks like you have a firewall in between that is blocking SOCKS5. Web browsers use SOCKS4 by default, and maybe that matters. To clarify, could you please capture the Dante traffic on the server side? For example, for my test machine in Oracle cloud:
ubuntu@instance-20211213-2206:~$ sudo tcpdump -D 1.ens3 [Up, Running] 2.lo [Up, Running, Loopback] 3.any (Pseudo-device that captures on all interfaces) [Up, Running] 4.bluetooth-monitor (Bluetooth Linux Monitor) [none] 5.nflog (Linux netfilter log (NFLOG) interface) [none] 6.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none] ubuntu@instance-20211213-2206:~$ sudo tcpdump -vv -i ens3 -w file.pcap port 1080 tcpdump: listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes 11 packets captured 11 packets received by filter 0 packets dropped by kernelThe resulted capture in Wireshark:
It looks like you have a firewall in between that is blocking SOCKS5.
If this is the case and if you are interested in further research, I think we could find & add another suitable method instead of SOCKS5.
Vadim, good evening,
Sorry for the late reply, I haven’t had the time in recent days to reinstall and reconfigure my Dante server.
After I set up user and password authentication on Dante, the handshake between WG server and WireSock was successful.
But despite the fact that the handshake was successful, the program did not work correctly, redirecting traffic through the server, or access to the server over a private network failed. I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started. Also, I did not understand the server redirection to strange addresses that can be seen in the logs:
[SOCKS5]: S2C_AFTER: 2.0.0.0 : 14080 -> 192.168.1.105 : 64262
[SOCKS5]: S2C_AFTER: 3.0.0.0 : 2560 -> 192.168.1.105 : 64262
[SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.
the log file is bellow:
I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started.
WireSock does not add a virtual network adapter, NAT and encryption are applied to packets on the fly. This is very similar to how the Cloudflare WARP client works.
[SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.
This is my fault, I didn’t test the configuration when both SOCKS5 and Wireguard are running on the same IP. Please download update v.1.1.5 and check how it works.
Vadim, great news, 1.1.5 passes the handshake and correctly redirects traffic through the WG server.
I think, after purchased another equipment from China, the specialists didn’t completely configured it, and left the some default settings, with the blocked WG service, because Open VPN and other famous protocols works correctly.
Thank you very much for taking the time to resolve this issue!
- You must be logged in to reply to this topic.